Hello,
I hope this is the place to send such questions. I'm having problems getting started with ppolicy.
I am trying to specify a specific ppolicy entry for users without using the slapd.conf default policy. Our OpenLDAP deployment environment in Red Hat uses version 2.3.33.
From what I have read (elsewhere since the manual is missing the
ppolicy config info), I must first add a new policy of objectclass 'pwdPolicy" in the policy list. I have done that without problem. I must then indicate for the users that use that policy, the DN of the new policy in the field 'pwdPolicySubentry'.
My problem at this point is that I see no objectclass that contains this field. In reading the ppolicy.schema file I see that the type 'pwdPolicySubentry' is described there, but commented out. The odd thing though, is that even though it is commented out, I can see the type in my LDAP browser when I look for a list of types, and I see no description of it in the other .schema files.
I did read on someone's site that the user entry should be an objectclass of 'pwdPolicy' and then the 'pwdPolicySubentry' field can be entered, but in the ppolicy.schema document, 'pwdPolicySubentry' is not described in the list of fields for objectclass 'pwdPolicy'.
Do I have to edit the ppolicy.schema to get the overlay to work this way? I'm new to LDAP so perhaps I'm not understanding something basic.
Any help or suggestions would be very helpful.
-Todd Merrill